Last updated: 12 June 2026
Hype Deals UK ("we", "our", or "us") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our website, in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Please read this policy carefully to understand our practices regarding your personal data. Where we rely on your consent (for example, analytics or marketing cookies), we will always ask for it separately and you can withdraw it at any time. Your use of our services is also governed by our Terms of Service, which set out the contractual basis for processing your data when you publish content on the platform.
For the purposes of the UK GDPR, the data controller is:
We collect the following categories of personal data:
Email address, full name, and avatar URL provided by Google OAuth when you sign in.
Nickname (chosen by you), selected avatar (SVG or uploaded image), and onboarding status.
Your votes on deals (upvote/downvote) and any comments you submit.
Custom avatar images (JPG/PNG, max 200KB) uploaded to our storage.
Your selected interest categories and keywords (optional). Used only when you opt-in to personalized recommendations. You can withdraw consent and delete this data anytime.
Your cookie consent preferences, personalization consent status, consent version, timestamp, and session identifier.
Anonymized record of deals you're recommended (no personal identifiers, expires after 90 days). Used to improve recommendation quality.
IP address (hashed via SHA-256, never stored raw), browser user agent, and device type.
Pages visited, time spent on site, and interaction patterns (only when you consent to analytics cookies).
We collect personal data through the following methods:
Under UK GDPR, we must have a lawful basis for processing your personal data. Our legal bases are:
Analytics cookies, marketing/tracking cookies, and any optional data processing.
You can withdraw consent at any time via the cookie banner or by contacting us.
Processing necessary to provide our services — managing your user account, profile, votes, and comments.
Without this data, we cannot provide the Hype Deals community features.
Rate limiting to prevent abuse, security monitoring, and improving our services.
Our legitimate interests do not override your fundamental rights and freedoms.
Compliance with UK laws, including tax, consumer protection, and data protection regulations.
We may be required to retain certain data for legal compliance purposes.
We share your personal data with the following third-party service providers, all of whom act as data processors on our behalf and are bound by data processing agreements:
| Processor | Purpose | Data Shared | Location |
|---|---|---|---|
| Supabase | Authentication, database, file storage | Email, name, profile data, votes, comments, avatars | USA (EU-US DPF) |
| Google (OAuth) | User authentication | Email, name, avatar URL | USA (EU-US DPF) |
| Google Analytics | Site analytics (with consent only) | Page views, anonymised IP, usage patterns | USA (EU-US DPF) |
| Cloudinary | Image hosting and CDN for deal images | Product images (no personal data) | USA (EU-US DPF) |
| Amazon Associates | Affiliate link tracking (with consent only) | Click data via affiliate tag in URLs | USA (EU-US DPF) |
All US-based processors are covered under the EU-US Data Privacy Framework (DPF) or appropriate Standard Contractual Clauses (SCCs). We do not sell your personal data to any third party.
Some of our service providers are located outside the United Kingdom, including in the United States. Where this is the case, we ensure your data is protected by one of the following mechanisms:
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
Under the UK GDPR, you have the following rights in relation to your personal data. You can exercise these rights at any time by contacting us or using the features built into your account settings:
You can request a copy of all personal data we hold about you. Use the "Export My Data" feature in your account settings to download your data in JSON format.
You can update or correct your personal data at any time via your account settings (nickname, avatar). For other corrections, contact us directly.
You can request deletion of your account and all associated data via the "Delete My Account" feature in Settings > Danger Zone. This will permanently remove your profile, votes, comments, and uploaded avatars.
You can restrict how we process your data by adjusting your cookie preferences or contacting us to request processing restrictions.
You can download your personal data in a structured, machine-readable JSON format via the "Export My Data" feature in your account settings.
You can object to processing based on legitimate interests (e.g., analytics, marketing) by rejecting non-essential cookies in the cookie banner or adjusting your preferences at any time.
Where processing is based on consent (analytics, marketing cookies), you can withdraw consent at any time via the cookie banner. Withdrawal does not affect the lawfulness of processing before withdrawal.
We will respond to any valid request within one month. For complex requests, this may be extended by two further months, in which case we will inform you of the delay.
We use cookies and similar technologies to provide and improve our services. When you first visit our website, you will see a cookie consent banner where you can choose which types of cookies to allow.
Essential for the website to function (e.g., sign-in sessions, security, remembering your cookie choices). Cannot be disabled.
Examples: Supabase authentication cookies, admin session cookie, cookie consent record
Remember your preferences, theme settings, and saved configurations.
Examples: Theme preference
Help us understand how visitors interact with the site to improve our services.
Examples: Google Analytics (gtag.js) — page views, anonymised IP addresses
Used to deliver relevant advertisements and track affiliate link clicks.
Examples: Amazon Associates affiliate tag in outbound URLs
You can change your cookie preferences at any time by clicking the cookie icon in the bottom corner of the website or by clearing your browser cookies. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction:
Our website is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will take steps to delete such information.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by updating the "Last updated" date at the top of this policy. We encourage you to review this policy periodically.
If you have any questions about this Privacy Policy or our data practices, or if you wish to exercise any of your rights, please contact us:
You have the right to lodge a complaint with a supervisory authority if you believe your personal data has been processed in a way that infringes the UK GDPR.
The ICO is the UK's independent supervisory authority for data protection.
We would appreciate the opportunity to address your concerns before you contact the ICO. Please contact us first so we can try to resolve any issues.
Hype Deals UK Privacy Policy — Compliant with UK GDPR and Data Protection Act 2018